Dropped Files | ZeroBOX

Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

Dropped Files | ZeroBOX

Name	2d00f2194e9c74b8_airways_14.bmp Submit file
Filepath	C:\Users\test22\AppData\Roaming\Havesanger\Nondyspeptic\Soten34\Igniting\Rockere128\Earn\Airways_14.bmp
Size	7.7KB
Processes	1688 (wins.EXE)
Type	JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3], baseline, precision 8, 110x110, frames 3
MD5	`4500ee6294e6dd7ebc558442a45cd4a2`
SHA1	`e8dadc287fdc1d254e00fe6797732a6d7665ea61`
SHA256	`2d00f2194e9c74b879c37b05af189682dbd551c8366f5145fc5d84200070a265`
CRC32	`6ADDCFFF`
ssdeep	`96:BSTzREAr5vY+BeASEciQC3a1Sgs7wiqPi5uJvI5ezU9oC/ZMlZCLISsOlHmxewSn:oXR5rEA3ciXq1Sgs7LouLyzAHKSoe2sr`
Yara	JPEG_Format_Zero - JPEG Format
VirusTotal	Search for analysis

Name	09b145f1026dc77e_network-cellular-connected-symbolic.svg Submit file
Filepath	C:\Users\test22\AppData\Roaming\Havesanger\Nondyspeptic\Potoroinae\Studeopdrttet\network-cellular-connected-symbolic.svg
Size	900.0B
Processes	1688 (wins.EXE)
Type	SVG Scalable Vector Graphics image
MD5	`5e13e015c209ea0ab666e45a9972c423`
SHA1	`5ecb2203d5e897bb113e1d631ba59eccc4268bb8`
SHA256	`09b145f1026dc77e4cc4994303c3b3f62e53d221f8161d226f9cc894d9cb086d`
CRC32	`535782F1`
ssdeep	`24:t4CpZJkrl+EdXErlXrGAOAUMsVvSJfWflxAFQdFfoAeWrGDT/N:/Jk9dX8lCAPspflxoaoAe3DT/N`
Yara	None matched
VirusTotal	Search for analysis

Name	0a27699bb77e92c7_skrmskemaer.eks Submit file
Filepath	C:\Users\test22\AppData\Roaming\Havesanger\Nondyspeptic\Skrmskemaer.Eks
Size	251.2KB
Processes	1688 (wins.EXE)
Type	data
MD5	`068d6e459d433deb9afb105bb4f2c422`
SHA1	`2867ef2f67f2b17f5f4dcc8b5906b45c388de14a`
SHA256	`0a27699bb77e92c73c7fbdb5372937db7b2f6406c42f1b29fb5599ad4580db44`
CRC32	`849A02A5`
ssdeep	`3072:hPvtiqahHEULuR6Q9lbbrwO8bzknfXqRSRWt+Xs005SAWPGUhXLYxB/f4cC80Krn:tvRaxEj/b8cfXR197QfCtKngcomaQ`
Yara	None matched
VirusTotal	Search for analysis

Name	e3b0c44298fc1c14_nsyBFD0.tmp Empty file or file not found
Filepath	C:\Users\test22\AppData\Local\Temp\nsyBFD0.tmp
Size	0.0B
Type	empty
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
CRC32	`00000000`
ssdeep	`3::`
Yara	None matched
VirusTotal	Search for analysis

Name	4c86b238e64ecfaa_system.dll Submit file
Filepath	C:\Users\test22\AppData\Local\Temp\nseC08D.tmp\System.dll
Size	11.0KB
Processes	1688 (wins.EXE)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`375e8a08471dc6f85f3828488b1147b3`
SHA1	`1941484ac710fc301a7d31d6f1345e32a21546af`
SHA256	`4c86b238e64ecfaabe322a70fd78db229a663ccc209920f3385596a6e3205f78`
CRC32	`F3BCE476`
ssdeep	`192:MPtkumJX7zB22kGwfy0mtVgkCPOs91un:9702k5qpds9Qn`
Yara	IsDLL - (no description) PE_Header_Zero - PE File Signature IsPE32 - (no description)
VirusTotal	Search for analysis

Name	c655c545de5f07d8_libpixbufloader-icns.dll Submit file
Filepath	C:\Users\test22\AppData\Roaming\Havesanger\Nondyspeptic\Potoroinae\Studeopdrttet\libpixbufloader-icns.dll
Size	19.4KB
Processes	1688 (wins.EXE)
Type	PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
MD5	`7dea5dab23582505c0eb671ef816c927`
SHA1	`cbb8443e8511df1a6cdbd5ab6d1a8982b881b52e`
SHA256	`c655c545de5f07d85f588599043d8429cc7682ffa9e1dc55fd5275308abca20e`
CRC32	`16F80747`
ssdeep	`384:GNe90VEZnTALI8BHHJOpA6nHPrrNUgNGcRr:Gg90WAI8BnJ1KTRr`
Yara	IsDLL - (no description) IsPE64 - (no description) PE_Header_Zero - PE File Signature
VirusTotal	Search for analysis